SC-400 Microsoft Information Protection Administrator Questions and Answers

You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder. What should you recommend?

You need to recommend a solution that meets the compliance requirements for viewing DLP tooltip

justifications.

What should you recommend?

You need to recommend a solution that meets the sales requirements.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You need to implement a solution to encrypt email. The solution must meet the compliance requirements.

What should you create in the Exchange admin center and the Microsoft 36.S compliance center? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to recommend a solution that meets the executive requirements. What should you recommend?

You need to recommend an information governance solution that meets the HR requirements for handling employment applications and resumes.

What is the minimum number of information governance solution components that you should create? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You need to recommend a solution that meets the compliance requirements for Dropbox.

What should you recommend?

You need to recommend a solution to configuration the Microsoft 365 Records management settings by using the CSV file must meet the compliance requirements.

What should you recommend?

You need to recommend a solution that meets the compliance requirements for protecting the documents in the Data shared folder.

What should you configure in the Microsoft Purview compliance portal?

You need to implement a solution that meets the compliance requirements for the Windows 10 computers.

Which two actions should you perform? Each correct answer presents part of the solution.

NOTE: Each coned selection is worth one point.

You need to recommend a solution that meets the Data Loss Prevention requirements for the HR department.

Which three actions should you perform? Each correct answer presents part of the solution. (Choose three.)

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription that contains the users and groups shown in the following table.

You create the communication compliance policy as shown in the exhibit. (Click the Exhibit tab.)

Four emails are sent as shown in the following table.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have the retention label policy shown in the Policy exhibit. (Click the Policy tab.)

Users apply the retention label policy to files and set the asset ID as shown in the following table.

On December 1, 2020, you create the event shown in the Event exhibit. (Click the Event tab.)

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You have a Microsoft 365 E5 subscription.

Users access their mailbox by using the following apps:

• Outlook Win32

• Outlook on the web

• Outlook for iOS and Android

You create a data loss prevention (DLP) policy named DLP1 that has the following settings:

• Location: Exchange email

• Status: On

• User notifications: On

• Notify users in Office 365 service with a policy tip: Enabled

Which apps display a policy tip when content is matched by using DLP1?

While creating a retention label, you discover that the Mark items as a regulatory record option is unavailable.

You need to ensure that the option is available when you create retention labels in the Microsoft Purview compliance portal.

How should you complete the PowerShell script? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Task 4

You need to block users from sending emails containing information that is subject to Payment Card Industry Data Security Standard (PCI OSS). The solution must affect only emails.

Task 6

You plan to implement Endpoint data loss prevention (Endpoint DLP) policies for computers that run Windows.

Users have an application named App1 that stores data locally in a folder named C:\app1\data.

You need to prevent the folder from being monitored by Endpoint DLP.

Task 7

You need to create a retention policy that meets the following requirements:

• Applies to Microsoft Teams chat and Teams channel messages of users that have a department attribute of Sales.

• Retains item for five years from the date they are created, and then deletes them.

Task 1

You need to provide users with the ability to manually classify files that contain product information that are stored in SharePoint Online sites. The solution must meet the following requirements:

• The users must be able to apply a classification of Product1 to the files.

• Any authenticated user must be able to open files classified as Product1.

• files classified as Product1 must be encrypted.

Task 5

You need to ensure that a group named U.S. Sales can store files containing information subject to General Data Protection Regulation (GDPR) in their OneDrive accounts. All other current GDPR restrictions must remain in effect.

Task 3

You plan to automatically apply a watermark to the document1 of a project named Falcon.

You need to create a label that will add a watermark of "Project falcon' in red. size-12 font diagonally across the documents.

Task 9

You are investigating a data breach.

You need to retain all Microsoft Exchange items in the mailbox of Alex Wilber that contain the word Falcon and were created in the year 2021.

Task 10

You plan to create a data loss prevention (DLP) policy that will apply to content containing the following keywords:

• Tailspin

• litware

• Falcon

You need to create a keyword list that can be used in the DLP policy. You do NOT need to create the DLP policy at this time.

You have a Microsoft 365 subscription.

You have a team named Team! in Microsoft Teams.

You plan to place all the content in Team1 on hold.

You need to identify which mailbox and which Microsoft SharePoint site collection are associated to Team1.

Which cmdlet should you use?

You have a data loss prevention (DLP) policy that applies to the Devices location. The policy protects documents that contain States passport numbers.

Users reports that they cannot upload documents to a travel management website because of the policy.

You need to ensure that the users can upload the documents to the travel management website. The solution must prevent the protected content from being uploaded to other locations.

Which Microsoft 365 Endpoint data loss prevention (Endpoint DLP) setting should you configure?

You need to create a retention policy to delete content after seven years from the following locations:

Exchange email

SharePoint sites

OneDrive accounts

Office 365 groups

Teams channel messages

Teams chats

What is the minimum number of retention policies that you should create?

You have a Microsoft 365 E5 subscription that contains two users named User1 and Admin1. Admin1 manages audit retention policies for the subscription.

You need to ensure that the audit logs of User1 will be retained for 10 years.

What should you do first?

You have a Microsoft 365 tenant.

You create the following:

A sensitivity label

An auto-labeling policy

You need to ensure that the sensitivity label is applied to all the data discovered by the auto-labeling policy.

What should you do first?

You have a Microsoft 365 tenant that contains the users shown in the following table.

You configure a retention label to trigger a disposition review at the end of the retention period.

Which users can access the Disposition tab in the Microsoft 365 compliance center to review the content?

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You recently discovered that the developers at your company emailed Azure Storage keys in plain text to third parties.

You need to ensure that when Azure Storage keys are emailed, the emails are encrypted.

Solution: You create a data loss prevention (DLP) policy that has only the Exchange email location selected.

Does this meet the goal?

You have a Microsoft 365 E5 subscription.

You need to deploy a compliance solution that meets the following requirements:

• Prevents users from performing data transfers that breach local regulations

• Minimizes effort to respond to requests for a user's personal data

What should you use in the Microsoft Purview compliance portal? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have a Microsoft 365 subscription.

You have a user named User1. Several users have full access to the mailbox of User1.

Some email messages sent to User1 appear to have been read and deleted before the user viewed them.

When you search the audit log in the Microsoft Purview compliance portal to identify who signed in to the mailbox of User1, the results are blank.

You need to ensure that you can view future sign-ins to the mailbox of User1.

Solution: You run the Set-AuditConfig -Workload Exchange command.

Does that meet the goal?

You have a Microsoft 365 E5 tenant that contains a user named User1. User1 is assigned the Compliance Administrator role.

User1 cannot view the regular expression in the Ip Address sensitive info type.

You need to ensure that User1 can view the regular expression.

What should you do?

You need to meet the technical requirements for the Site3 documents.

What should you create?

You need to meet the technical requirements for the creation of the sensitivity labels.

To which user or users must you grant the Sensitivity label administrator role?

You need to meet the technical requirements for the Site1 documents.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

You need to meet the technical requirements for the confidential documents.

What should you created first, and what should you use for the detection method? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You are evaluating the technical requirements for the DLP reports.

Which user can currently view the DLP reports?

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth is worth one point.

How many files in Site2 will be visible to User1 and User2 after you turn on DLPpolicy1? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

You are reviewing policies for the SharePoint Online environment.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

You need to meet the technical requirements for the creation of the sensitivity labels. Which administrative users are currently missing the Sensitivity label administrator role?